blob: 550123acb0c099dde50d51d6cc92092e44d08298 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
.\" This source code is released into the public domain.
.Dd June 3, 2025
.Dt ACME.CONF 5
.Os
.Sh NAME
.Nm acme.conf
.Nd lfacme global configuration file
.Sh SYNOPSIS
.Pa /usr/local/etc/lfacme/acme.conf
.Sh DESCRIPTION
The
.Nm
file is a shell script used to configure the global behaviour of
.Nm lfacme .
The following variables may be set:
.Bl -tag -width indent
.It Va ACME_URL
(Required.)
The URL of the ACME server.
.It Va ACME_DATADIR
The path to the runtime data directory, where the ACME account key and any
issued certificates will be stored.
The default value is
.Pa /var/db/lfacme .
.It Va ACME_HOOKDIR
The path to a directory containing hooks to invoke when issuing certificates
(see
.Xr domains.conf 5 ) .
The default value is
.Pa /usr/local/etc/lfacme/hooks .
.It Va ACME_HTTP_CHALLENGE_DIR
The directory to store ACME challenges when responding to an
.Dq http-01
challenge with the
.Dq http
challenge handler.
This directory must be served at
.Dq /.well-known/acme-challenge
on any domain which will be validated with the
.Dq http
handler.
There is no default value; you must set this if you use the
.Dq http
handler.
.It Va ACME_KERBEROS_PRINCIPAL
The Kerberos principal to use when responding to a
.Dq dns-01
challenge with the
.Dq kerberos
challenge handler.
The default value is
.Dq host/$(hostname) .
.El
.Sh SEE ALSO
.Xr domains.conf 5 ,
.Xr lfacme-renew 8 ,
.Xr lfacme-setup 8
|
